| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
The C standard requires that objects with static storage duration
is initialized to zero.
|
|
Matching was not compliant with RFC9110 when requests were sent
in a asynchronously ordered fashion. Asynchrously (yet ordered)
requests and replies were matched according to LIFO rather than
FIFO. A new matching method has been implemented to handle cases
where packets are missing from the capture.
|
|
# This is the 1st commit message:
HTTP: corrected request/response matching
Matching was not compliant with RFC9110 when requests were sent
in a asynchronously ordered fashion. Asynchrously (yet ordered)
requests and replies were matched according to LIFO rather than
FIFO. A new matching method has been implemented to handle cases
where packets are missing from the capture.
# This is the commit message #2:
HTTP: Change to Ubuntu pipeline test
The Ubuntu pipeline test is failing because it is expecting
something that my MR has changed.
This is a modification of the test file that accomodates
the new output.
# This is the commit message #3:
HTTP: Fixed indentaion error
Fixed indentation error in the script at line 545
|
|
This is a rebase with upstream master
|
|
This has been corrected using wmem_map() fucnctions.
The full method is in the comments.
HTTP: removed unused function declaration
HTTP: Ranges are used to match reqs/resps
This does NOT fix incorrect URI matching in asynchronously ordered
GETS with a status of 206.
HTTP: Request-response matching corrected
/*
* Unlike protocols such as NFS and SMB, the HTTP protocol (RFC 9110) does not
* provide an identifier with which to match requests and responses. Instead,
* matching is solely based upon the order in which responses are received.
* HTTP I/O is asynchronously ordered such that, for example, the first of four
* GET responses is matched with the first outstanding request, the next
* response with the second oldest outstanding request and so on (FIFO).
* The previous method instead matched responses with the last of several
* async requests rather than the first (LIFO), and did not handle requests
* with no responses such as the case where one or more HTTP packets were
* not captured. Whenever there were multiple outstanding requests, the SRT
* (RTT) stats were incorrect, in some cases massively so.
*
* While RFC 9110 expressly prohibits matching via byte ranges because, among
* other things, the server may return fewer bytes than requested, the first
* number of the range does not change. Unlike HTTP implementations, Wireshark
* has the problem of requests/responses missing from the capture file.
* In such cases resumption of correct matching was virtually impossible and
* all matching was incorrect from that point on.
*
* The method of matching used herein is able to recover from packet loss,
* any nummber of missing frames, and duplicate range requests. The
* method used is explaned within the comments.
HTTP: Fixed no resp_in
When a GET request has a range and the response does not,
"Response in" was not being displayed in the request.although
that frame number was available.
HTTP: Fixed error in last commit
HTTP: corrected request/response
Matching was not compliant with RFC9110 when requests were sent
asynchronously ordered fashion. A new matching method has been
added to handle cases where packets are missing from the capture.
HTTP: correct req/resp matching without comments
This is the same code with the commented out code removed.
HTTP: Fix request/reply matching
When asynchrously (yet ordered) requests and replies were matched
according to LIFO rather than FIFO. Next and previous request
and response has been eliminated because there is no use case for
them and they bloat the Packet Detail.
HTTP: Fix request/reply matching
Fixed clang errors
|
|
Fixed clang errors
|
|
When asynchrously (yet ordered) requests and replies were matched
according to LIFO rather than FIFO. Next and previous request
and response has been eliminated because there is no use case for
them and they bloat the Packet Detail.
|
|
This is the same code with the commented out code removed.
|
|
Matching was not compliant with RFC9110 when requests were sent
asynchronously ordered fashion. A new matching method has been
added to handle cases where packets are missing from the capture.
|
|
|
|
Matching of requests and responses were being done using LIFO rather than
FIFO.
The method of matching used in this change is able to recover from packet
loss, any nummber of missing frames, and duplicate range requests. The
method is explained within the comments.
|
|
/*
* Unlike protocols such as NFS and SMB, the HTTP protocol (RFC 9110) does not
* provide an identifier with which to match requests and responses. Instead,
* matching is solely based upon the order in which responses are received.
* HTTP I/O is asynchronously ordered such that, for example, the first of four
* GET responses is matched with the first outstanding request, the next
* response with the second oldest outstanding request and so on (FIFO).
* The previous method instead matched responses with the last of several
* async requests rather than the first (LIFO), and did not handle requests
* with no responses such as the case where one or more HTTP packets were
* not captured. Whenever there were multiple outstanding requests, the SRT
* (RTT) stats were incorrect, in some cases massively so.
*
* While RFC 9110 expressly prohibits matching via byte ranges because, among
* other things, the server may return fewer bytes than requested, the first
* number of the range does not change. Unlike HTTP implementations, Wireshark
* has the problem of requests/responses missing from the capture file.
* In such cases resumption of correct matching was virtually impossible and
* all matching was incorrect from that point on.
*
* The method of matching used herein is able to recover from packet loss,
* any nummber of missing frames, and duplicate range requests. The
* method used is explaned within the comments.
|
|
This does NOT fix incorrect URI matching in asynchronously ordered
GETS with a status of 206.
|
|
|
|
This has been corrected using wmem_map() fucnctions.
The full method is in the comments.
|
|
|
|
|
|
Initialize len if it's going to be used in the return.
In certain cases we don't enter the loop and call
dissectr_http_message at all.
Fixup 76879a480a2b9a00b8ee109c768f327449215cc4
Fix #19739
|
|
Fully dissect the VMOTION-PEER message, even in a one-pass dissection or when
the VMOTION-PEER-OK message was not captured. This requires that we correlate
this Telnet conversation with the earlier one carrying the VMOTION-GOAHEAD
message, and extracting the length of the sequence number from there.
|
|
For a VMOTION-GOAHEAD message, it is likely that we can use an earlier message
in the same conversation to determine the length of the "sequence" field,
allowing us to fully dissect that message. In a two-pass analysis, even the
length from the VMOTION-PEER-OK message allows for dissection of the preceding
VMOTION-PEER message.
For decoding the VMOTION-PEER message in one pass, it's going to require a bit
more work -- i.e. tracking the "vMotion conversation" across the two Telnet
conversations.
|
|
|
|
|
|
There is no need for GuidPropertySet to be modifiable. const-ifying it moves
about 8 kBytes of data to a read-only section.
|
|
|
|
Eliminate another manually-coded binary search routine in favor of letting the
bsearch library function do the work for us.
|
|
|
|
Switch from gshort to more appropriate types in the IPDC and TDS
dissectors. Remove a check for G_HAVE_GLONG_DOUBLE, which appears to
have never existed.
We don't want automatically convert glongs any more, so remove the glong
conversion in convert-glib-types.py.
Ping #19116
|
|
|
|
I don't know why it's a gshort, i.e. a short, given that it returns
either -1, 0, or 1, indicating to Goldilocks that the version is too
small, just right, or too big, respectively. Make it an int, as is used
for C library routines that perform comparisons.
It's not as if the return type matters anyway, given that we never check
it; add an XXX comment about this before all calls, asking whether the
dissection should continue if the call fails.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Some VNC servers send an answer as multiple TCP packets
As long as not enogh data is received, desegment more TCP segments
|
|
Add a preference to check HTTP headers for non-ASCII, disabled by
default. When enabled, if non-ASCII is found when expecting a HTTP
header, then do not claim the packet as HTTP, thus allowing other
dissectors (including heuristics) a chance to parse the packet data.
|
|
Support DTLS 1.3 recognition and unified-header record.
Decryption not supported yet.
|
|
Add a decode-as dissector table, and use its entry to dissect the
payload of an CLNP (or ES-IS) security option.
This allows the user to specify that it should be dissected as used in
ICAO's ATN specification without requiring so much entanglement between
the CLNP dissector, the OSI options dissector, and the code to dissect
the ATN security option.
(It would also allw other OSI profiles to provide their own such
dissector, e.g. GOSIP if anybody still cares, or TUBA in case it was
ever even used on a network.)
|
|
Dissect UP Security Policy IE as described in TS 29.274 V18.4.0.
|
|
|
|
|
|
Based on https://github.com/robidev/iec61850-dissector
and IEC 61850-8-1 found googling
|
|
11be frames are getting classified as Unknown PhyType.
Adding support for correctly classifying 11be frames.
Closes#19706.
|
|
|
|
|
|
Change ip_encapsulated from a gboolean to a bool. This removes the last
gboolean pointer cast revealed by `grep -rl '\( *gboolean *\* *\)'`.
|
|
HTTPS Some More Places.
Instead of giving a now-dead link to a not-archived-in-the-Wayback-
Machine ICAO document repository, give a live link to a PDF of ICAO Doc
9705 Second Edition.
|
|
Remove use of parentheses from return bool statements.
|
|
|
